Hi all,

Has no-one seen this problem?  If so, wow, what have I done wrong here?

Do you need more info?

Cheers,

Paul Hamilton


-----Original Message-----
From: Paul Hamilton [mailto:[EMAIL PROTECTED]
Sent: Saturday, 21 June 2003 1:34 PM
To: Freebsd-Questions
Subject: Transparent Proxy going astray


Hi all,

I have watched/lurked on this list for sometime now, and see a Transparent
Proxy question every now or then.  None of them have answered my problem.  I
give it a bash every now and then to see if I will trip over the answer.  It
hasn't worked, so I will try this list again.

I run FreeBSD 4.8 on the gateway, Squid Cache: Version 2.4.STABLE4

Squid.conf has the required lines:

http_port 8080
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

and the required ipfw2 firewall rules:

00050        271      27520 allow tcp from 192.168.0.10 to any
00060          3        144 fwd 127.0.0.1,8080 tcp from any to any dst-port
80

Interestingly enough when watching the ip traffic on the gateway, I see this
on my inside NIC:

08:27:18.735861 192.168.0.2.3276 > 203.10.1.17.53:  1093+ A?
www.google.com.au. (35)
08:27:18.922217 203.10.1.17.53 > 192.168.0.2.3276:  1093 2/4/4
CNAME[|domain]
08:27:18.923667 192.168.0.2.3277 > 216.239.39.99.80: S
813553086:813553086(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
08:27:18.923722 216.239.39.99.80 > 192.168.0.2.3277: R 0:0(0) ack 813553087
win 0
08:27:19.397657 192.168.0.2.3277 > 216.239.39.99.80: S
813553086:813553086(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
08:27:19.397697 216.239.39.99.80 > 192.168.0.2.3277: R 0:0(0) ack 1 win 0
08:27:19.906095 192.168.0.2.3277 > 216.239.39.99.80: S
813553086:813553086(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
08:27:19.906153 216.239.39.99.80 > 192.168.0.2.3277: R 0:0(0) ack 1 win 0


and this on my outside NIC:

08:27:18.736970 202.72.147.43.3276 > 203.10.1.17.53:  1093+ A?
www.google.com.au. (35)
08:27:18.922026 203.10.1.17.53 > 202.72.147.43.3276:  1093 2/4/4 CNAME
www.google.com., (215)

The cache_access.log doesn't show any traffic, yet (something) is pretending
to be the google website, as there is a reply from 216.239.39.99.80.  I have
tried to run tcpdump -ni lo0 but there isn't any traffic.

Should I be able to see traffic on lo0?

Any thoughts on what I am missing?

Cheers,

Paul Hamilton


_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to